(12) INTERNATIONAL APPUCATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(19) World InteUectual Property 
Organization 
International Bureau 




liiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiniiii 



(43) International Publication Date (10) International Publication Number 

31 March 2005 (31,03,2005) PCT WO 2005/029272 A2 



(51) International Patent Classification^: 



GOdF 



(21) International Application Number: 

PCTAJS2004/030548 

(22) InternaUonal Filing Date: 

IS September 2004 (15.09.2004) 



(25) Filing Language: 
(2(9 Publication Language: 
(30) Priority Data: 



English 
English 



60/503.511 



15 September 2003 (15.09.2003) US 



(71) Applicant (for all designated States except US): ACRES 
GAMING INCORPORATED [USmS]; 7115 Amigo 
Street, Suite 150, Las Vegas, NV 89119 (US). 

(72) Inventors; and 

(75) Inventors/AppUcants (for US only): FORBES, Mark, G. 
[US/US]; 815 Northwest 9th Street, Corvallis, OR 97330 
(US). RIEGELMANN, Robert, A. [US/US]; 815 North- 
west 9th Street, Corvallis. OR 97330 (US). 

(74) Agents: SCHAFFER, Scott, A. et al.; Marger Johnson 
& McCollom P.C., 1030 SW Morrison St., Portland. OR 
97205 (US). 



(81) Designated States (unless otherwise indicated, for every 
kind of national protection available): AE, AG, AL, AM, 
AT, AU, AZ, BA, BB, BG, BR, BW, BY, BZ, CA, CH. CN, 
CO, CR, CU, CZ, DE, DK, DM, DZ, EC, EE, EG, ES, FI, 
GB, GD, GE, GH. GM, HR, HU, ID, IL, IN, IS, JP, KE. 
KG, KP. KR, KZ, LC, LK, LR, LS, LT, LU, LV, MA, MD, 
MG, MK, MN, MW, MX, MZ, NA, NI, NO, NZ, OM. PG, 
PH. PL. FT. RO, RU, SC. SD. SE, SG. SK. SL, SY, TJ, ™, 
TN, TR, TT. TZ. UA. UG. US. UZ, VC, VN. YU. ZA, ZM, 
ZW. 

(84) Designated States (unless otherwise indicated, for every 
kind of regional protection available): ARIPO (BW, GH, 
GM, KE, LS. MW, MZ, NA, SD, SL, SZ, TZ, UG, ZM, 
ZW), Eurasian (AM, AZ, BY, KG, KZ, MD. RU, TJ, TM), 
European (AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, 
FR, GB. GR. HU. IE. IT, LU. MC, NL, PL. PT. RO. SE, SI. 
SK, TR), OAPI (BF. BJ. CF. CG. a. CM. GA. GN. GQ. 
GW, ML. MR. NE. SN, TD, TG). 

PubUshcd: 

— without international search report and to be republished 
upon receipt of that report 

For two-letter codes and other abbreviations, refer to the "Guid- 
ance Notes on Codes and Abbreviations" appearing at the begin- 
ning of each regular issue of the PCT Gaz/ette. 



= (54) Title: METHOD AND DEVICE FOR DATA PROTECTION AND SECURITY IN A GAMING MACHINE 



MOIKERBOARO 



POWER 




MB (IDE) 






COMPORT 



I COMPORT 



COMPARATOR 



VALID 
OMMAN 



0^ PROTECTION MODULE^ 



MASS 
STORAGE 
MODULE 



5 



t> 
n 

ON 
<N 

O (57) Abstract: A method and apparatus is described for the protection of data in a mass storage device used for gaming applica- 
1^ tions. The device works in conjunction with the industry-standard hand disk interface port commonly found on a personal computer 
^ motherboaid, and an ofiF-the-shelf standard mass storage device. During operation, the protection device intercepts each command 
CD packet sent to the storage device, and passes through only those commands which are approved for use. The device may answer 
^ certain commands on behalf of the storage device, to supply default responses to non-approved command requests. The device also 
Q responds to certain other conunands on its own, providing a means of verifying its continued presence to defeat attempts to bypass 
^ or remove it. To defeat attempts to copy or mimic its operation, a standard cryptographic algorithm is implemented internally with 
a secret key, and the entire device is protected against data extraction that could reveal the key. 
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METHOD AND DEVICE FOR DATA PROTECTION AND 
SECURITY IN A GAMING MACHINE 

BACKGROUND OF THE INVENTION 
5 1. Field of the hivention. 

The invention relates to a mass storage data protection device, and more 

particxilarly to a protection device for use with an industry-standard mass storage 

device having no other reliable method of preventing unauthorized alteration of 

the stored data while operating inside a gaining machine. 
10 2. Description of the Prior Art. 

Gaming machines are operated within a tightly regulated industry, and 

historical precedent has held that critical operating code for such machines should 

be stored in non-alterable memory to defeat tampering. Media such as EPROM or 

masked ROM were considered acceptable, since these could not be rewritten in- 
15 system, and their contents could be verified in the field to insure that no tampering 

had occurred. While reasonably secure fi*om tampering, such media are limited in 

the amount of data they can hold. 

As data reqiurements for modem games expand, larger data storage 

devices are required. While it is technically possible to produce large arrays of 
20 ROM or EPROM storage devices, such arrays are custom-produced, expensive' 

and unwieldy. At the same time, large memory arrays of re-writeable *Tlash" 

memory are now available in standard packages with a standardized interface. 

Flash memories, however, pose an unacceptable security risk when used in 

conjunction with gaming machines. Though these devices ("Compact Flash 
25 Cards") can store large amounts of data and can be rewritten repeatedly, they lack 

a built-in means for preventing rewriting of the data by either a rogue program or 

a deliberate programmatic attack. 

Data protection schemes have been described before, but they suffer firom 

various limitations or are inapplicable to the gaming machine requirements. U.S. 
30 Reissue Patent Re 33,328 (Director) teaches a method using separate and 
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independent control and data buses, but such methods are inappropriate for use 
with Compact Flash Cards. 

Others have taken somewhat different approaches to secure memory. 
Patents issued to Stutz (U.S. Patent No, 5,668,973), Ishimoto (U.S. Patent No. 
5 6,101,586) and others describe methods of protecting specific areas of memory 
firom inadvertent overwriting in connection with a computer processor, but these 
methods do not address the selective permission or denial of commands to a 
memory device such as a Compact Flash (CF) card using a packet-based 
command sequence. 

10 U.S. Patent No. 6,488,581 (Stockdale) teaches a method using a protection 

device, but this mefliod relies on a monitoring means which detects an illegal 
command and asserts a reset signal to abort the operation of the mass storage 
device before data can be written to the storage device. It also generates a fault 
signal output to the gaming machine which interrupts the normal operation of the 

15 machine. Stockdale, however, provides no method for verifying the presence of 
the security device to prevent bypass and/or removal firoih the gaming machine. 

Accordingly, the need still exists for a device and method that can prevent 
alteration of the data stored in a CF card while it is operating as part of a gaming 
machine, with a means for verification of the presence of the protection device 

20 and a means for determining whether the protection device has been tampered 
with. 

SUMMARY OF THE INVENTION 
It is therefore an object of the invention to provide a means of protecting 
25 the data in a CF card firom alteration while it is connected to a gaming machine. 

Another object of the invention is to provide a means for verifying the 
continued presence of the protection device, in a way that cannot easily be 
duplicated by an attacker. 

A further object of the invention is to provide a means for verifymg the 
30 internal integrity of the protection device, such that regulatory authorities or other 
privileged entities may confirm that the protection device contains the same 
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algoritibons and internal constructs disclosed to them by the manufacturer of the 
device. 

Still another object of the invention is to provide a means of terminating 
the operation of the gaming machine in the event that an illegal command is 

5 received by the protection device. 

A method and apparatus is described for the protection of data in a mass^ 
storage device used for gaming applications. The device works in conjunction 
with the mdustry-standard hard disk interface port commonly foimd on a personal 
computer motherboard, and an off-the-shelf standard mass storage device. During 

10 operation, the protection device intercepts each command packet sent to the 

storage device, and passes through only those commands which are £^proved for 
use. The device may answer certain commands on behalf of the storage device, to 
supply default responses to non-q>proved command requests. The device also 
responds to c^ain other commands on its own, providing a means of verifjdng its 

15 continued presence to defeat attempts to bypass or remove it To defeat attempts 
to copy or mimic its operation, a standard cryptographic algorithm is implemented 
internally with a secret key, and the entire device is protected against data 
extraction that could reveal the key. 

The foregoing and other objects, features and advantages of the invention 

20 will become more readily apparent from the following detailed description of a 
preferred embodiment of the invention that proceeds with reference to the 
accompanying drawings. 

BRIEF DESCRIPTION OF THE DRAWINGS 
25 FIG. 1 is a block diagram of a protection device integrated within a mass 

data storage system and configured according to a preferred embodiment of the 
invention. 

FIG. 2 is a flow diagram illustrating operation of the protection device of 
FIG. 1 according to a preferred embodiment. 
30 FIG. 3 is a block diagram illustrating operation of the protection device 

according to another aspect of the invention. 
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DETAILED DESCRIPTION 
FIG. 1 illustrates an implementation of the preferred embodiment of the 
protection device 10 coupled to motherboard 12 and including a protection 
module and mass storage unit 14 incorporating two mass storage devices 24, 26. 

5 The figure illustrates but one means of reducing this invention to practice, as will 
be apparent to those skilled in the art. 

The first communication port 18 is implemented as a connector which 
mates with a hard disk drive controller port 20 commonly found on personal 
computer motherboards, known generically as the *TDE port". This port suppUes 

10 a 16-bit bidirectional data bus along line 22, as well as some address and control 
signals suitable for communicating with a mass storage device, such as an IDE 
hard disk drive, througih a second communication port 23. With minor adaptation, 
this port may also be used to communicate vnfh a Compact Flash (CF) card. 
Adapters to do this are commercially available and are known to those skilled in 

15 the art. 

First mass storage device 24 can be of the type including a hQusing and a 
connector 25 implemented according to the USB standard for passing electronic r 
signaling (and power) to and &om the housing. In the present embodiment, 
however, the storage unit 14 is integrated within a single housing uicluding tiie 

20 protection module. The housing includes first and second local mass storage ports 
24, 26 which are sockets designed to mate with CF card 28, 30, respectively, or 
can include a single socket designed to accept two cards. Both styles are 
commonly known in the industry and thus not described fiirther here. In addition, 
a power input port 34 is provided, with a coimector that can mate to a spare disk 

25 drive power cable 36. This connector supplies operating power to the protection 
device 10 firom a supply coimector 38 located on motherboard 12, where the 
power may be suitably conditioned by an on-board regulator as needed. 

Botii **read" and *Svrite" operations are necessary to read data firom the 
storage device, and only the type of conmiands presented during the *Svrite" 

30 operations will determine whether the subsequent accesses to the data bus will 

result in data being read out of the storage device, or whether data will be written 
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into it in violation of gaming regulations. Accordingly, and unlike conventional 
memory chips, it is not adequate to merely cut the write Hue to a Compact Flash 
Card in order to write-protect it 

Sitting between the IDE port 20 and the CF ports 24, 26 is a protection 

5 module 1 1 comprising in a preferred embodiment a jSeld-programmable gate array 
(FPGA) containing the logical implementation of the device. In the preferred 
embodiment, this FPGA is a device which stores its programming internally, 
without an external programming device as is common to some types of FPGAs. 
Such FPGAs can be secured so that their contents cannot be read out after 

10 programming to make it much more difficult to attack the encryption algorithm or 
keys contained inside. 

Within the FPGA, various operations take place which implement the 
details of the invention. These operations are performed based on pre- 
programmed patterns loaded mto the FPGA when the protection device is 

15 manufactured. This is similar to the programming process for a microcontroller, 
but the FPGA implements logic instead of executing sequential instructions. 
Unlike a microcontroller, the response time of the FPGA to an external stimulus is 
limited only by the propagation time across the device, not by a quantity of 
clocked execution cycles. Thus, the tune for the protection device to perform its 

20 function is measured in nanoseconds, instead of the microseconds-to-milliseconds 
that a microcontroller may require. 

This is important because access to the stored data in the CF card will be 
delayed by the time necessary to qualify the instructions requesting that data. 

The IDE interface 20 presents commands and data to CF card or cards 28, 

25 30 using the 16 bit data bus and some control signals. Most important of these are 
the /READ and AVRTTE signals, active-low strobes which indicate the presence of 
vahd data on the bus 22. Two chip select signals (/CSl and /CS2) indicate 
whether the data presented is a command to set up the card for a data operation, or 
the data to be read from or written to the CF card. The methods of using this 

30 interface are generally known as the ATA and ATAPI standards, and are 
documented by an ANSI standard referenced above. 
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The FPGA protection device includes an identifier module 40 and a 
comparator module 42. Attention will now be directed to comparator module 42 
and also to the flow diagram illustrated in FIG. 2. Commands are forwarded in 
block 100 from IDE port 20 on motherboard 12, through line 22 to a compact 

5 flash card 28 coupled to CF reader 14. The command is intercepted by protection 
device 10 in block 102 and passed through com port 18 to comparator module 42 
and identifier 40. Every time the /WRITE signal is detected in block 104, the 
command and data bus information is latched in block 1 06 by write logic circuits 
44 into a holding register 46 in the FPGA. A lookup is then performed in the 

10 FPGA in block .108 to match the command against the list of valid commands 48 
allowed for the CF card. Examples of such commands nught be setting the 
current data pointer to the next sector to be read, or loading the number of 
operations to be performed in an upcoming bulk read operation. These operations 
require a write cycle to tell the CF card what data is to be accessed, but the write 

15 operation does not have the ability to change the data on the card. 

If the command matches one of the allowed coimnands on the approved 
list as ascertained in block 1 10, then the contents of the holding register 46 are 
transferred to the matching signal pins on the CF card 28 in block 112. In an 
alternate embodiment, the drive select signal illustrated by selector 50 in FIG. 1 

20 may be used to steer the register contents to the appropriate CF card in local mass 
storage device 24 or through a third communication port 51 to a different mass 
storage device 26. 

In such an embodiment, it may be that the approved list of commands for 
one of the CF cards would permit write operations, perhaps restricted to a specific 
25 region of the card or otherwise constrained by the regulatory needs of the gaming 
application. 

If the command is not one of the approved commands, then the signals on 
the CF card are held in an idle state in block 114, preventing the non-approved 
command from ever reaching the card. The protection device may unplement a 
30 defeult response indicating command failure, using the error register method in 
the ATA standard. Alternatively, the protection device may also set a "locld' bit 
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internally which prevents any suhsequent operation at all, and requires a power- 
down-and-restart of the device to remove the lock. 

If a read cycle is asserted (using the /READ strobe) the signals may be 
passed straight through from block 104 to the appropriate CF card m block 1 12, 
5 since these cycles do not have the ability to alter data on the CF card. Or, as 

described above, the protection device may choose to block all access while in a 
&ult mode. 

Since the protection device essentially "filters" ttie commands presented 
by the IDE interface, allowing only a subset of them to pass, it is apparent to those 

10 skilled in the art that removal of the protection device would leave the CF card 
open to alteration while in operation within the gaining machine. The next 
element of the invention addresses that deficiency. 

It is desirable to verify on a periodic basis that the protection device is still 
present in the gaming machine. In such an application, physical access to the 

15 device can be made difficult, by means of locked doors, intrusion detectors, 

tamper-resistant seals and other such methods well known in the gaming industry. 
To remove the protection device is therefore not a trivial task, and a simple 
periodic check of the device's presence is sufficient. The test must not be easily 
bypassed however, nor should it be simple to emulate using a "fake" protection 

20 device such as a hacker might employ. 

Various methods usmg cryptography algorithms are well known in the art. 
The protection device 10 is equipped with an identifier module 40 implementing 
one of these algorithms within encryptor block 52, and the protection device 
responds to a specific command with a sequence of encrypted data using a secret 

25 key 54. Referring to FIG. 3, the gaming machine through motherboard 12 
presents a data stream A and the protection device responds with encrypted 
information B that satisfies the identification requirement. Many such methods 
are known, and many combinations and permutations of them can be used to foil a 
potential attacker. The command sequence can either be a command like the 

30 "identify device** command atoeady documented in the ATA/ATAPI standard, or 
it can be some unused command from the list of reserved command types. 
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Numerous undocumented or illegal command codes are available for this purpose, 
and their use in such a dedicated application poses no interoperability problem. 

The present invention does not address the issue of extemal alteration of 
the CF card data, by removing the CF card from the protection device and altering 

5 it elsewhere. Existing methods and regulations are considered sufficient to deal 
with this threat, in the same way that an attacker might alter the data stored in. an 
EPROM or programmable microcontroller. The present invention addresses only 
the in-machine alteration of data on a CF card, and detection of the presence of the 
protection device in the gaming machine. 

10 A further desirable feature of the invention is the means to determine that 

it contains the programming which it is purported by the manxifecturer to have 
been programmed with. To this end, a command much like the encryption 
response command described above may be implemented, which performs an 
internal check of the protection device programming and reports this value. Such 

15 "checksum" or "CRC" methods are well known in the art and commonly used for 
verification of memory storage devices like EPROMs. Unlike an EPROM, the 
internal programming is not directly readable, but it may be used to generate an 
internally calculated value which offers a reasonable assurance that the 
programming is correct. An extension of this can be to use the calculated value as 

20 a seed for the encryption response command desodbed earlier, along with 
variations and permutations of these methods. 

Having described and illustrated the principles of the invention in a preferred 
embodiment thereof, it should be apparent that the invention can be modified in 
arrangement and detail without departing from such principles. The protection 

25 device disclosed herein is not limited only to use with flash memory technologies but 
any writable mass storage device such as hard drives. We claim all modifications 
and variation coming within the spirit and scope of the following claims. 
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CLAIMS 

1 . A mass storage data protection device for use with an industry- 
standard mass storage device and industry standard personal computer disk drive 
controller, comprising: 

5 a first communication port (1 8) for connection to a disk drive controller 

port (20); 

a second communication port (23) for connection to a mass storage device 

(14); 

a comparison means (42) in connection with both communication ports 
10 (1 8, 23), wherein commands presented at the first port are matched against a 

preselected set of approved commands (48); 

an output means (1 12) in connection with the second communication port 

(23), which activates only for commands meeting the approval test (1 10) firom the 

comparison means (42); and 
15 an output means (40) in connection with the first communication port (1 8), 

which responds to selected commands presented at the first communication port, 

or delivers data presented by the mass storage device (14) on the second 

coDMnunication port (23), 

2. The protection device of claim 1, further comprising an encryption 
20 means (52) connected to the first communication port (18), together with an 

internally stored secret key (54), respondent to a challenge presented at the first 
communication port, responding with an encrypted version of the challenge. 

3 . The protection device of claim 2, wherein the encryption means 
(52) uses one of plurality of algorithms, including IDEA, DES, 3-DES, PGP or 

25 others, either separately or in combination, with keys of varying lengths. 

4. The protection device of claim 1, wherein the comparison means 
(42) denies subsequent access to the mass storage device (14) if a cotxmiand is 
received which is not one of the approved commands. 

5. The protection device of claim 1, further comprising a comparison 
30 means for generating a unique signature based on the intemal program and 

approved command list, and an ou^ut means for presenting this sigixature at one 
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or more of the communication ports on receipt of a valid password requesting the 
signature, for verification of internal programming of the device by regulatory 
agencies, the manufacturer or others privileged to this information. 

6. The protection device of claim 1 , further comprising a third 

5 communication port (51) connected to a physically separate mass storage device 
(26), together with a selection means (50) connected to all three communication 
ports to determine which of the mass storage devices shall be active. 

7. The protection device of claim 6, wherein the list of approved 
commands is unique for each of the mass storage devices. 

10 8. The protection device of claim 7, further comprising an encryption 

means (52) connected to the first communication port (18), together with an 
internally stored secret key (54), respondent to a challenge presented at the first 
communication port, responding with an encrypted version of the challenge. 

9. The protection device of claim 8, wherein the encryption means 
15 (52) uses one of plurality of algorithms, including IDEA, DES, 3-DES, PGP or 

others, either separately or in combination, with keys of varying lengths. 

10. The protection device of claim 7, wherein the comparison means 
(42) denies subsequent access to the mass storage device (14) if a command is 
received which is not one of the approved commands. 

20 11. The protection device of claim 7, fiuHier comprising a comparison 

means for generating a unique signature based on the internal program and 
approved cormnand list, and an output means for presenting this signature at one 
or more of the communication ports on receipt of a valid password requesting die 
signature, for verification of internal progranuning of the device by regulatory 
25 agencies, the manufacturer or others privileged to this information. 
12. A gaming machine comprising; 
a housing; 

at least one user ixiput coupled to the housing; and 
a disk controller; 
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a mass storage device for storing program code for the gaming machine; 
and the protection device of claim 1 . 

13, The gaming machine of claim 12, further comprising an encryption 
and decryption means communicative with the protection device and containing 

5 keys suitable for generating or decoding encrypted communications with said 
protection device. 

14. A data protection device ad£5)ted to be interposed between a 
motherboard and a mass storage device, the data protection device comprising: 

an identifier module operatively coupled to an IDE port on a motherboard 
10 and including an encryptor capable of inq>lemeiiting a cryptography algorithm using 
secret key on a data stream received fi-om tiie motherboard; and 

a comparator module including write logic cj?)able of passing only those 
commands received fix)m the motherboard to the mass storage device that are 
indicated in a valid command list associated with the write logic, otherwise passing 
15 an invalid command received by the protection device into a holding register without 
passing the invalid command to ttie mass storage device. 
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